From 568fa250c12a88c727790bead1a939f5e3825ac0 Mon Sep 17 00:00:00 2001
From: Andjelko Horvat <comel@vingd.com>
Date: Mon, 18 Nov 2013 17:22:54 +0000
Subject: [PATCH] authtwitter: add force_login (issue #587).

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3295 44740490-163a-0410-bde0-09ae8108e29a
---
 config-templates/authsources.php                | 4 ++++
 modules/authtwitter/lib/Auth/Source/Twitter.php | 8 +++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/config-templates/authsources.php b/config-templates/authsources.php
index af52cfb6e..2eedc80fc 100644
--- a/config-templates/authsources.php
+++ b/config-templates/authsources.php
@@ -189,6 +189,10 @@ $config = array(
 		'authtwitter:Twitter',
 		'key' => 'xxxxxxxxxxxxxxxx',
 		'secret' => 'xxxxxxxxxxxxxxxx',
+
+		// Forces the user to enter their credentials to ensure the correct users account is authorized.
+		// Details: https://dev.twitter.com/docs/api/1/get/oauth/authenticate
+		'force_login' => FALSE,
 	),
 	*/
 
diff --git a/modules/authtwitter/lib/Auth/Source/Twitter.php b/modules/authtwitter/lib/Auth/Source/Twitter.php
index 8ee8c7d97..72aa93283 100644
--- a/modules/authtwitter/lib/Auth/Source/Twitter.php
+++ b/modules/authtwitter/lib/Auth/Source/Twitter.php
@@ -23,6 +23,7 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source {
 
 	private $key;
 	private $secret;
+	private $force_login;
 
 
 	/**
@@ -42,6 +43,7 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source {
 
 		$this->key = $configObject->getString('key');
 		$this->secret = $configObject->getString('secret');
+		$this->force_login = $configObject->getBoolean('force_login', FALSE);
 	}
 
 
@@ -69,7 +71,11 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source {
 		SimpleSAML_Auth_State::saveState($state, self::STAGE_INIT);
 
 		// Authorize the request token
-		$consumer->getAuthorizeRequest('https://api.twitter.com/oauth/authenticate', $requestToken);
+		$url = 'https://api.twitter.com/oauth/authenticate';
+		if ($this->force_login) {
+			$url = SimpleSAML_Utilities::addURLparameter($url, array('force_login' => 'true'));
+		}
+		$consumer->getAuthorizeRequest($url, $requestToken);
 	}
 	
 	
-- 
GitLab